Industrial Espionage – it affects us all

Most of the spies written about in books work for government agencies such as MI5, CIA, KGB, Mossad and their ilk. Fictional ones like James Bond, George Smiley and Jason Bourne. Real ones like Kim Philby and Mata Hari. But there’s another kind of spying. Not so much is written about it, but it’s very real, and arguably more widespread and more relevant to our everyday lives. Industrial Espionage. Not a strictly correct term; it should probably be “commercial espionage”, but that’s what it’s called, and you get the picture.

Read my other article about spies in fiction here

Industrial espionage has been around for hundreds of years, indeed since the industrial revolution, with business owners and industrial spies alike looking for any advantage they can get over the competition. In today’s world, various countries, companies, and individuals continue to search for ways to steal trade secrets to gain an upper hand in the cutthroat world of business. As technology advances, so do the methods used to carry out industrial espionage. But there’s still a place for human spies – the Ronald Joneses of this world.

Unsurprisingly, we don’t get to hear of many examples. Firms who succeed in surreptitiously obtaining secrets don’t advertise the fact, and those who lose out need to hide their shame from their shareholders. However, we do know of some high profile cases.

Real life examples of industrial espionage

Industrial espionage is a sophisticated form of fraud and deceit aimed at political, economic, and industrial aims. It involves the illegal gathering of commercially valuable information, such as trade secrets, formulas, and even entire industrial designs. While there are a number of cases of industrial espionage around the world, some have stood out as particularly notable or influential.

One of the most famous cases of industrial espionage is the now infamous “Electric Lock” case. In the late 1990s, the US IT company Unisys accused a group of individuals and companies led by German industrialist Günter Maschke of illegally accessing their secure system. The group is believed to have used inside information and expertise gained previously in order to gain access to hundreds of confidential records and plans. Unisys was ultimately awarded $140 million in damages, setting a benchmark for industrial espionage damages.

The years prior to the “Electric Lock” case were marked by other notable espionage events. In 1998, French telecom giant Alcatel was found to have improperly accessed and “stolen” material from a competitor. The resulting criminal charges were later dropped, however, as the evidence was too circumstantial.

Perhaps the most publicised case in recent years was between German automaker Volkswagen and a Japanese rival, Suzuki. Over the course of more than two decades, Volkswagen is alleged to have spent millions of dollars systematically stealing technology from Suzuki. The investigation not only uncovered evidence of espionage, but also blackmail, bribery, and computer-hacking as Volkswagen attempted to gain access to some of Suzuki’s most treasured secrets.

Cyber-attacks or hacking – the new tools for industrial espionage

In 2005, the French motor manufacturer Peugeot-Citroen was targeted by a Chinese corporate espionage hacker. Having got in, he simply downloaded some of their top-secret documents and technical data to a USB memory stick. In 2007, a British subsidiary of the US-based General Electric had its research documents and product data stolen.

Now, the most common form of industrial espionage is hacking. Every company – and arguably, every individual – has their computerised information at risk. In 2015, it was hackers that obtained information to prove that Volkswagen had cheated on emission tests, uncovering software called ‘Defeat Device’ that the car maker used to manipulate its results. This eventually cost the company billions in fines.

In 2017, a data breach at Equifax led to the personal data of around 147 million customers being stolen. The breach was ultimately the result of malware installed by state-sponsored hackers who managed to gain access to Equifax’s customer databases.

The examples of hacking that we hear about are more a case of criminals holding companies to ransom than theft of secret data. But we can be sure that for every high-profile ransomware attack there are dozens of undetected hacks commissioned by commercial rivals.

Industrial Espionage is a risk for every company – and all of us

These cases are just the tip of the iceberg. These examples demonstrate the significant threat posed by industrial espionage and all kinds of confidential data, from customer information to product design data, remain potential targets for malicious actors.

It’s essential for companies to ensure their cyber security measures are adequate and up-to-date. Companies should ensure that their networks, staff and confidential data are all protected from potential attackers. Failing to do so can result in serious fines, reputational damage and costly legal proceedings. You’d think that they’re all already doing everything they can, but no, every month there’s another published case of a business that loses out. Real life hackers are at least as sophisticated and devious – and successful – as the fictitious ones we see in films and read about in thrillers.

My own experience

I used to do a lot of computer programming, but in an ancient language, and I could never have become a hacker. However, my business career also gave me the opportunity of spending considerable time working in other companies, including some of the biggest multinationals on earth: five major banks, a motor manufacturer, an electronics giant, several pharmaceutical companies. Most had stringent controls over physical entry to their offices and factories, and massive IT departments. (You can read my recollections of some of these visits in my travelogue “There’s No Business Like International Business”). Nevertheless, in every one that I visited frequently it became easy to see “chinks in the armour”, and on two occasions I felt very uneasy about the actions of other visitors that I witnessed. (I duly reported both; I have no idea what action, if any, was taken).

Ultimately, all businesses should take the threat of industrial espionage seriously and take the necessary measures to protect their secrets and data. By understanding the history of such cases, we can gain a better sense of how to best protect our information against espionage.

Tip of the Iceberg

These groundbreaking cases have demonstrated the extent to which industrial espionage can damage a company’s stock price and reputation, as well as the legal implications involved. But my bet is that 99% of cases fly under the radar, unreported. In most cases the company whose secrets are stolen either never find out, or only discover months or years later, by which time they cannot know when or how it happened, nor prove their case.

Oliver Dowson’s new thriller, ‘The Repurposed Spy’, has industrial espionage, done the old-fashioned way (but set in the present), as an underlying theme. Read more here.